Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Tomer_Sole
Mentor
Mentor
Jump to solution

Which file types does Threat Emulation support? How can I make sure that I inspect them all?

In R77 SmartDashboard there was a notification for "new file types supported" and a link to configure. What is the alternative to this in R80?

0 Kudos
1 Solution

Accepted Solutions
Tomer_Sole
Mentor
Mentor

R80 does not notify on newly supported file types for the Threat Emulation engine. A best practice would be to check the list of supported file types following every update to the blade.

To view all supported file types, click on Manage & Settings --> Blades --> Threat Prevention. Then select the Threat Emulation page and click on "file types". Check the file types that you wish to inspect in all of your profiles by default.

file-types.png

file-types2.png

The next step will be to check whether you would like your threat prevention profiles inspect all selected file types, or only a subset of them. By default they inspect all the selected file types from the previous step.

You can configure your threat prevention profile settings when navigating to Security Policies-->Threat Prevention-->Policy. Then the bottom part changes to "Threat Tools" with a link to the Profiles page.

navigation1.png   navigation2.png  navigation3.png

The profile settings have a Threat Emulation page. In this page, you can choose whether to inspect all supported file types (from the blade settings page) or to bypass some of them. To bypass, change the file types configuration from "all" to "specific", and then inside the configuration page, right click specific file types and change their action from "Inspect" to "Bypass".

profile0.png profile1.png   profile2.png

View solution in original post

0 Kudos
1 Reply
Tomer_Sole
Mentor
Mentor

R80 does not notify on newly supported file types for the Threat Emulation engine. A best practice would be to check the list of supported file types following every update to the blade.

To view all supported file types, click on Manage & Settings --> Blades --> Threat Prevention. Then select the Threat Emulation page and click on "file types". Check the file types that you wish to inspect in all of your profiles by default.

file-types.png

file-types2.png

The next step will be to check whether you would like your threat prevention profiles inspect all selected file types, or only a subset of them. By default they inspect all the selected file types from the previous step.

You can configure your threat prevention profile settings when navigating to Security Policies-->Threat Prevention-->Policy. Then the bottom part changes to "Threat Tools" with a link to the Profiles page.

navigation1.png   navigation2.png  navigation3.png

The profile settings have a Threat Emulation page. In this page, you can choose whether to inspect all supported file types (from the blade settings page) or to bypass some of them. To bypass, change the file types configuration from "all" to "specific", and then inside the configuration page, right click specific file types and change their action from "Inspect" to "Bypass".

profile0.png profile1.png   profile2.png

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events